Locating users inside a building, store, mall, airports, and the like, within a high-level accuracy is a well known problem in the industry. Traditional techniques for locating a wireless communication device within an environment include received signal strength indications (RSSI), time difference of arrival (TDOA), angle of arrival, etc. However, these techniques all suffer from a lack of accuracy, i.e. accuracy is on the order of 60-100 feet. This is not sufficiently accurate for an indoor environment.
Therefore, radio frequency based solutions have been introduced that deploy simply, low-cost radio frequency based tags at known locations within the environment. Such tags can include radio frequency identification (RFID) tags, Bluetooth™ Low Energy (LE) tags, and the like, that periodically broadcast a beacon that includes each tag's unique identity. A client device moving within the environment, and having the ability to receive the beacon and read the identity of any one of such tags, can then be associated with that tag's location. The client device or other network device can provide this identity information to a central server in a location update message, such that the central server will then known the location of the client device.
However, a problem arises from the introduction of radio frequency based tag locationing, in that these simple, low-cost tags do not have much intelligence, and there is no encryption or any authorization involved with their use. As a result, there could be a possibility for hackers to create security attacks for such solutions where client software is running on unmanaged/uncontrolled devices. Such an attack would be primarily to corrupt the central server database of tag identities and locations. For example, an attacker could sniff the packets in the beacons, determine the format of the packet, and determine the deployed tag's identification. All that would be required is for the attacker to walk around the floor and listen for beacons. The attacker could then create a packet with a random list of beacons with known tag identifications, and send these packets in a location update message to the central server. The attacker could use different Media Access Control (MAC) addresses to give an impression that there are multiple clients reporting the location update messages. Further, the attacker could spoof the MAC's from other clients, which could result in more serious issues. In particular, a rogue client using a spoofed MAC address could send the incorrect tag identifications in location update messages so that the location server would think the client is located at a wrong location. Collecting these false location update messages by the central server could result in many false positive readings.
In another scenario, an attacker could broadcast its own beacon and identity (i.e. rogue beaconing). This beacon identity may or may not be known to the central server. In this way, a legitimate client could send an unknown beacon identity to the central server that could not then determine the location of the client device, or a legitimate client could send a known beacon identity to the central server where the server would then determine an incorrect location of the client device.
Hence, there is a need for a technique to detect a rogue device that corrupts radio frequency based locationing within an environment. In particular, it is desirable to provide a technique to detect incorrect location update messages.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention.
The apparatus and method components have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.